10 Tips from the National Cyber Security Center (NCSC) to Avoid Getting Hacked
The National Cyber Security Center (NCSC) has issued a warning about how to protect ourselves against commercial surveillance tools.
According to the NCSC, people are taking advantage of these tools by selling them to "governments and other entities," who then use them to exploit their victims. Many people around the world have been targeted with these surveillance tools, and cybercriminals have managed to gain access to almost anyone who isn't careful enough.
If someone manages to infect a device with these types of surveillance tools, they potentially gain full control of the device. That means they could record your audio conversations and phone calls, track your location, and even access all the content on your device from anywhere in the world.
Companies and individuals have been selling commercial surveillance tools to governments and other entities that have used them for malicious purposes.
Journalists, dissidents, and other persons around the world have been targeted and tracked using these tools, which allow malign actors to infect mobile and internet-connected devices with malware over both WiFi and cellular data connections.
In some cases, malign actors can infect a targeted device with no action from the device owner. In others, they can use an infected link to gain access to a device.
National Cyber Security Center
The worst part about this is that these surveillance tools are extremely easy to deploy. According to the NCSC, in some cases, a hacker can get access to a victim's device just by getting the user to click on a seemingly innocuous link.
Fortunately, the NCSC also gives us a pretty solid list of tips you can use to avoid getting hacked, or at least make it much harder on the attackers. Read on for 10 simple things you can start practicing right now.
Regularly Update Device Operating Systems and Mobile Applications
We've talked about this before, and we'll probably mention it again in the future: You need to update your devices. This is the easiest way to avoid running into any trouble. If the company that makes your device and its operating system fixes a security vulnerability, the only way for you to stay safe is to update your device.
If you're on iPhone or iPad, that's as easy as going to Settings > General > Software Update. If there's an update available, it will show up there, and you can start installing it in a single tap. Your device will do the rest.
Be Suspicious of Content From Unfamiliar Senders
You should always be careful when getting an email from someone you don't know.
In fact, you should be careful even if the message or email appears to come from a person or company you do know. There's a very common scamming method called phishing, where cybercriminals impersonate a trusted source and then either try to hack you or get you to give up sensitive personal information.
Don't Click on Suspicious Links, Emails, and Attachments
These days, getting hacked can be as easy as opening an email, a link, or a file. Don't let your curiosity get the better of you; there's no reason to open links or files from an address you don't recognize. If it's important, chances are you'll hear from them again.
Due to widespread phishing, many organizations like banks and government agencies don't even send out links at all anymore. Instead, they either include all the relevant information in the email or they ask you to login into your account on their site by opening your web browser and navigating there on your own. So you should always be suspicious of links in emails that appear to be coming from a financial services provider, insurance company, or government office.
Check URLs Before Clicking Links, or Go to Websites Directly
Scammers and cybercriminals often use slightly modified links that look like they're going to sites that you would otherwise trust. For instance, they can send you a link to go to lnstagram.com, where the first letter is an "l" or a "1" instead of an "I."
Sure, if you look at it long enough, you should easily pick up that it's a fake URL, but if you just got an email saying your Instagram account has been hacked, you might not bother double-checking.
If the email is from someone you don't know or looks a bit shady, read the URL carefully before you open anything up. If you're using a mail client like Apple Mail, hover over the link or button with your mouse and wait for a pop-up to show you the actual link. On an iPhone or iPad, tap and hold on the link to see a preview of where it goes.
If you're still unsure, just go to the company's website directly without using or copying the link.
Regularly Restart Mobile Devices
There are a lot of benefits that come from rebooting your devices on a regular basis. Not only will this help clear up some memory and improve performance, but you can also get rid of malicious software.
Some malware only lives in active memory, which means it will go away or stop working after restarting your device. How often you should reboot your devices will depend on the device itself, but the general rule is that you restart it at least once a week.
Encrypt And Password Protect Your Device
Nowadays it's super easy to password-protect your device when you first get it. You can use Face ID or Touch ID and add a passcode if you have an iPhone, so it's harder to hack. On Android devices, it's as easy as adding your fingerprint and passcode as well. On an iPhone or iPad, adding a passcode also securely encrypts everything on your device, making it impossible to access without knowing (or guessing) the passcode.
That doesn't mean your devices are uncrackable. There are still ways for someone to hack your iPhone if they have the right equipment. Although this is mostly confined to law enforcement agencies and professional cybercriminals, that still doesn't mean you should make it any easier. In fact, if you choose a longer alphanumeric password, it could take years to crack — assuming of course your password isn't something obvious like your dog's name or your favorite sports team.
Maintain Physical Control of Your Device
If you're out and about, you should try to keep your devices with you at all times. In some cases, cybercrooks may only need a few seconds with your device to hack into it or plant malware on it.
Also get into the habit of locking your device before setting it down on a table or even putting it back in your bag or pocket; this will not only improve security, but also help save battery life too.
If you encounter somebody who needs to make a phone call in an emergency, you can still be a Good Samaritan and help them out while taking a few simple precautions. Instead of simply handing over your unlocked device, offer to dial the number for them, and then let them have your phone once the call starts ringing through.
On an iPhone, you can also lock your device after placing the call as long you switch the speakerphone mode on before pressing the Sleep/Wake button. Once locked, you can switch the speakerphone off again, and the iPhone will stay locked as long as you're careful not to inadvertently trigger Face ID in the process.
Use Trusted Virtual Private Networks
Using a Virtual Private Network (VPN) is one of the best ways to stay safe online. Not only will your devices become harder to hack, but your sensitive data, like your location or IP address, will be safe from cybercriminals, ad tracking companies, and even the government.
There are many great VPN services you can use, but be sure to use one you know you can trust. While using a VPN will hide your traffic from everybody else, the company that runs the VPN still knows who you are and where you're going.
Disable Geo-Location Permissions
Your location is valuable information not just to cybercriminals, but to advertising and marketing networks as well. This means you should try to keep it as safe as possible. While a VPN will prevent tracking based on your IP address, it won't help you with apps that can simply access your smartphones GPS directly. For this, you need to disable access to your current location for those apps.
If you're on iPhone, you can go to Settings > Privacy > Location Services to see a list of all the apps on your device that want access to your location, and switch it off for any that you don't want tracking you.
Be Mindful of Sensitive Content
Unfortunately, no device is unhackable, but that doesn't mean they're all easy to get into. Ultimately, the more cautious you are, the easier it'll be for you to stay safe.
Avoid keeping too much private information on your devices. If you have to, assume that your device is already hacked and that you'll only have a bit of time to protect all the sensitive information that you don't want anyone to have.